| 1 |
- Recon 00 - Recon 03 exercise on Pentester Lab
|
| 2 |
- Recon 04 - Recon 07 exercise on Pentester Lab
|
| 3 |
- Recon 08 - Recon 11 exercise on Pentester Lab
|
| 4 |
- Recon 12 - Recon 16 exercise on Pentester Lab
|
| 5 |
- Recon 17 - Recon 26 exercise on Pentester Lab
|
| 6 |
|
| 7 |
- Read about Authentication vulnerabilities
|
| 8 |
- Solve 3 authentication labs on the portswigger lab
|
| 9 |
- Solve 2 authentication labs on the portswigger lab
- Read blog on Account Takeover
|
| 10 |
- Solve 2 authentication labs on the portswigger lab
|
| 11 |
- Read write-ups on Authentication Vulnerabilities
|
| 12 |
- Read about Access Control vulnerabilities
|
| 13 |
- Solve 4 access control labs on the portswigger lab
- Read blog on Bypassing authorization in Google Cloud Workstations
|
| 14 |
- Solve 4 access control labs on the portswigger lab
|
| 15 |
|
| 16 |
- Solve 5 access control labs on the portswigger lab
|
| 17 |
- Read blog: I Found Information Exposed In GitHub,What Next?
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
- Watched videos on Broken Access Control & IDOR
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
- Read about Information Disclosure vulnerabilities
|
| 40 |
- Solve 2 Information Disclosure labs on the portswigger lab
|
| 41 |
- Solve 3 Information Disclosure labs on the portswigger lab
|
| 42 |
- Information Disclosure reports on Hackerone
|
| 43 |
- Information Disclosure videos & reports
|
| 44 |
- Information Disclosure blogs
|
| 45 |
- Tips for finding Information Disclosure vulnerability
|
| 46 |
- Video on API Information Disclosure
|
| 47 |
- Introduction to LDAP Injection Attack
|
| 48 |
- Facebook bug A Journey from Code Execution to S3 Data Leak
|
| 49 |
- Hacking the Search Bar The Story of Discovering and Reporting an XSS Vulnerability on Bing
|
| 50 |
|
| 51 |
- Thread on finding the real ip of a Cloudflare
|
| 52 |
- Hacking with ChatGPT: Ideal Tasks and Use-Cases
|
| 53 |
- How I found DOM-Based XSS on Microsoft MSRC and How they fixed it
|
| 54 |
- Hacking GraphQL API Using Suggestions
|
| 55 |
- Bypassing SSO Authentication from the Login Without Password Feature Lead to Account Takeover
|
| 56 |
- How I Used JS files inspection and Fuzzing to do admins/supports stuff
|
| 57 |
- How i was able to find Django Misconfiguration using Shodan
|
| 58 |
- $10.000 bounty for exposed .git to RCE
|
| 59 |
- Business logic vulnerabilities
|
| 60 |
- Solved 3 logic flaws labs on the portswigger
|
| 61 |
- Solved 3 logic flaws labs on the portswigger
|
| 62 |
- User can upload files even after closing his account (Improper Authentication-Generic gives 500$)
|
| 63 |
- How I was able to access 2 million user’s data in the web3 domain
|
| 64 |
- CORS Misconfig that ended in 120$ bounty
|
| 65 |
- Exposing Users Table From a Leaky GraphQL Query
|
| 66 |
- Finding Your First Bug: Business Logic Errors
|
| 67 |
- How I Found My First Bug (and earned $1k!) - Business Logic Tips
|
| 68 |
- Unauthorized access to Codespace secrets in GitHub
|
| 69 |
- The Story of Becoming a Super Admin
|
| 70 |
- Bugging Out: My Experience of Earning $300 for Reporting an Unexpected Bug
|
| 71 |
- I Earned $3500 and 40 Points for A GraphQL Blind SQL Injection Vulnerability.
|
| 72 |
- I QUIT RECON... and made $10,000 in bounties!
|
| 73 |
- How to Bug Bounty in 2023
|
| 74 |
- Utilizing The Burp-Suite Pentest Mapper Plugin V1.6.5
|
| 75 |
- How I Automate BugBounty Using Chatgp
|
| 76 |
- OTP Bypass India’s Biggest Finance Company.
|
| 77 |
- Logical Flaw Lead to Changing Price of Any Product
|
| 78 |
- Amazon cognito misconfiguration
|
| 79 |
- Easy $$$ via API params manipulation leading to bypassing the email verification block
|
| 80 |
- Price manipulation vulnerabilities
|
| 81 |
- How i found 8 vulnerabilities in 24h
|
| 82 |
- Information Disclosure — My First Finding on Hackerone!
|
| 83 |
- Unauthorized access to admin setpassword page BY bypassing 403 Forbidden
|
| 84 |
- Account takeover vulnerability in OpenAI
|
| 85 |
|
| 86 |
- The curl quirk that exposed Burp Suite & Google Chrome
|
| 87 |
- Hacker Interviews: rez0__
|
| 88 |
- How I earned $$$ with simple Privilege escalation
|
| 89 |
- Admin Dashboard Access through JavaScript Code $$$
|
| 90 |
- CVE-2021–36560: Critical Authentication Bypass Leads to Admin Account Takeover
|
| 91 |
- Privilege Escalation via Broken Authentication: A Story of $$
|
| 92 |
- How I got my 1st Swag from SIDN
|
| 93 |
- Users information disclosure
|
| 94 |
- Authentication Bypass Easy P1 in 10 minutes
|
| 95 |
- Pawning Half A dozen of Admin Panels & User Management Apps And Reporting 9–10 P1 in a day
|
| 96 |
- Uncover the Hidden Web: Discover the Power of Subfinder for Efficient Subdomain Enumeration
|
| 97 |
- Revealing my Private tool for Instant Bounties[Find Sensitive Info]
|
| 98 |
- Disclosing assigned users of any facebook applications connected to business account
|
| 99 |
- How I was able to change password of any corporate user
|
| 100 |
|
| 101 |
|
| 102 |
- Revealing a Logic Flaw in an E-commerce Website
|
| 103 |
- Net-banking OTP bypass in IDFC Bank but got dups
|
| 104 |
- Account Takeover By OTP Brute force
|
| 105 |
- How I got RCE in + 10 websites…
|
| 106 |
- Rukovoditel 3.3.1 — Remote Code Execution
|
| 107 |
- LFI to RCE via Log Poisoning
|
| 108 |
- A Big company Admin Panel takeover $4500
|
| 109 |
- How Deep Recon help me to get critical Bug in Xiaomi
|
| 110 |
- How I hacked hackers in Voorivex Hunt Event
|
| 111 |
- Bypassing Link Sharing Protection in Messenger Kids Parent’s Control Feature Meta Bug Bounty
|
| 112 |
- Bypassing 403s like a PRO! ($2,100): Broken Access control
|
| 113 |
|
| 114 |
- Exploit Privilege Escalation Like a Pro
|
| 115 |
|
| 116 |
|
| 117 |
- How I was able to access a properly Configured S3 Bucket
|
| 118 |
- How I accessed the Sensitive document which I had already deleted
|
| 119 |
- A Deep Dive on Katana "Field" Extraction
|
| 120 |
- Disclosed API key to list user information and complete Exploitation !!
|
| 121 |
- Little bug, Big impact. 25k bounty
|
| 122 |
|
| 123 |
- Extensive Recon Guide For Bug Hunting
|
| 124 |
- Accessing Admin Dashboard in 5 seconds: Hall of Fame.
|
| 125 |
- What is BOLA? 3-digit bounty from Topcoder ($$$)
|
| 126 |
- Simple Account Takeover Worth $9,999
|
| 127 |
- How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain
|
| 128 |
- How I found my first RCE!
|
| 129 |
- RCE due to Dependency Confusion — $5000 bounty!
|
| 130 |
|
| 131 |
- Subdomain Takeover leading to Full Account Takeover
|
| 132 |
- One Bug at a Time: I failed my quiz on purpose to get $1,000!
|
| 133 |
- Reconnaissance 104: Expanded Scanning
|
| 134 |
- IDOR in session cookie leading to Mass Account Takeover
|
| 135 |
- SQL injection on a hidden API endpoint
|
| 136 |
- Hardcore RCE via directory name for $3.000
|
| 137 |
- Th3G3nt3lman Shares His Recon Methodology and How He Consistently Collects $15,000 Bounties!
|
| 138 |
|
| 139 |
- 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
|
| 140 |
- Why You Should Always Check The Audit Log [Medium] — $500
|
| 141 |
- Exploiting SQL Error SQLSTATE[42000] To Own MariaDB of A Large Online Media Leader
|
| 142 |
- I helped the top Indian health benefits management platform from major PII leak by hacking their SQL Servers, AWS instance, DCs etc.
|
| 143 |
- Azure DNS Takeover @ Swisscom
|
| 144 |
- I Earned $3500 and 40 Points for A GraphQL Blind SQL Injection Vulnerability.
|
| 145 |
- How I got Owned A Multi-Billion Dollar Retailer’s MySQL Databases Using Simple SQL Injection
|
| 146 |
- IDOR Vulnerability that exposed 17 Million user data (IDOR Diaries)
|
| 147 |
- Utilizing Historical URLs of an Organization to successfully execute SQL queries — Blind SQLi
|
| 148 |
- Blind SSRF - The Hide & Seek Game
|
| 149 |
- The 30000$ Bounty Affair.
|
| 150 |
- Got Access To Server through SQL Injection.
|
| 151 |
- How I bypassed Two-Factor Authentication with 3 different methods on the same target
|
| 152 |
- Weird Improper Access Control Bug of $$$
|
| 153 |
- Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read!
|
| 154 |
- The Tale of a Command Injection by Changing the Logo
|
| 155 |
- How a misconfigured Lotus Domino Server can lead to Disclosure of PII Data of Employees, Configuration Details about the Active Directory, etc
|
| 156 |
- Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability
|
| 157 |
- Rate Limit Bypass Leads to 0 Click ATO
|
| 158 |
- How I Found Price Manipulation of Products Vulnerability
|
| 159 |
- How I was able to get account takeover via IDOR form JWT
|
| 160 |
- The Art of G-mail Hacking! → Secrets of Impersonation!
|
| 161 |
- Path traversal to RCE — Openfire — CVE-2023–32315
|
| 162 |
- SQL Injection in The HTTP Custom Header
|
| 163 |
- IDOR, unpin posts for fun.
|
| 164 |
- Pwning Admin Panel To Change Movie Ticket Prices at Disney
|
| 165 |
- An interesting 'dependency confusion' attack on
|
| 166 |
- PII Data Leakage and US$1500 Bounty
|
| 167 |
- Best approach to Error-Based SQL injection
|
| 168 |
- How Searching by IP Addresses Can Reveal Hidden Gems
|
| 169 |
- How I was able to send Emails Using Anyone’s Email Address via the Contact Us Functionality
|
| 170 |
- How I Unveiled a Critical Vulnerability: Exposing All Buyers’ Invoices PII with a Single Trick
|
| 171 |
- Hijacking S3 Buckets: New Attack Technique Exploited in the Wild by Supply Chain Attackers
|
| 172 |
- The Unexpected “0” Master ID for Account Data Manipulation
|
| 173 |
- Get a Feel of JWT ( JSON Web Token )
|
| 174 |
- Attacks on JSON Web Token (JWT)
|
| 175 |
- Exploiting Exposed Tokens and API Keys: Edition 2023
|
| 176 |
- The Power of Shodan - Leveraging Shodan for Critical Vulnerabilities
|
| 177 |
- My first two valid and rewarded Web Cache Deceptions, earning $2250
|
| 178 |
- How BAC(Broken Access Control) got me a Pre Account Takeover
|
| 179 |
- Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace
|
| 180 |
- My First Valid Report and Reward in BugBounty
|
| 181 |
|
| 182 |
- How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity
|
| 183 |
- I received a bounty of $60 for finding a critical bug in the patient management system.
|
| 184 |
- Exploiting Non-Cloud SSRF for More Fun & Profit
|
| 185 |
|
| 186 |
- Account Takeover (ATO) via Manipulation of the Change Password Funcionality
|
| 187 |
- A $1,000,000 bounty? The KuCoin User Information Leak
|
| 188 |
- Account takeover hidden in Javascript files.
|
| 189 |
- 10 tips for crushing bug bounties
|
| 190 |
- IDOR To Delete Hall Of Fame Page.
|
| 191 |
- How I got Two RCE at EPAM-Bounty Program
|
| 192 |
- Get All your Clickjacking Vulnerability Triaged with this Exploitation!
|
| 193 |
- Exploiting Time-Based SQL Injections: Data Exfiltration
|
| 194 |
- An interesting RCE on a Synack Red Team target!
|
| 195 |
- Server Side Request Forgery(SSRF){port issue hidden approch }
|
| 196 |
- Unveiling Vulnerabilities: How I Earned My First Bounty by Securing my Favorite Cyber Security YouTuber’s Website
|
| 197 |
|
| 198 |
- Blind SQL injection with a little WAF
|
| 199 |
- Chaining Multiple Website Vulnerabilities: My First Bug Hunt
|
| 200 |
- Understanding, Detecting, and Exploiting SSRF
|
| 201 |
- How I was Able To Bypass The Admin Panel
|
| 202 |
- Breaking Down SSRF on PDF Generation: A Pentesting Guide
|
| 203 |
- How a single quote (‘) may potentially destruct one of a biggest public transportation business
|
| 204 |
- How I Hacked the Department of Telecommunications?
|
| 205 |
- Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)
|
| 206 |
- How I found Subdomain Takeover on Red Bull
|
| 207 |
- How I was able to takeover 4000+ users account
|
| 208 |
- How I found two api vulnerabilities by analyzing JS source code
|
| 209 |
- How I Found a Vulnerability on Google and Earned a Hall of Fame Spot
|
| 210 |
- How I was able to cause a DoS via the Application (IP Restriction roles)
|
| 211 |
- Bypassing email verification of high-profile tech company ($$$)
|
| 212 |
- How I Discovered a Critical PII Info Disclosure Bug: A Journey Through the Wayback Machine
|
| 213 |
- Like a pro, navigating 403s! ($2,300): Access Issues
|
| 214 |
- HeapDump to account takeover to PII Data Leak
|
| 215 |
- Unveiling the Rate Limiting Issue: The Low Hanging Fruits Bounty Bonanza!3k$+
|
| 216 |
- Cross-Tenant Information Disclosure: Unraveling Microsoft Connections, Custom Connectors, and OAuth 2.0 in Power Automate
|
| 217 |
|
| 218 |
- Mastering Small Scope Programs: A Comprehensive Guide for Bug Hunting
|
| 219 |
- Mastering the Realm of GraphQL Exploitation
|
| 220 |
- Attacking Misconfigure Spring Boot Actuators
|
| 221 |
- PII-nacles of Discovery: Deep Recon, Fourth-Level Subdomains, and Abusing Exposed .git Repositories
|
| 222 |
- Finding “BAC - IDOR -PE” Within a Minute using Autorize Tool
|
| 223 |
- Templating the Unthinkable: From Injection to Remote Control
|
| 224 |
- Gone in a Click: IDOR Vulnerabilities in Image Upload Function
|
| 225 |
- How I Discovered Over 40+ Impactful Vulnerabilities Within 1 Hour, Just for Fun!
|
| 226 |
- Special Characters Manipulating in BugBounty
|
| 227 |
- Unveiling Vulnerabilities: Host-header injection in OAuth Functionality
|
| 228 |
- 10 Technical Tips with Hx01
|
| 229 |
- Customer account takeover in Shopify stores
|
| 230 |
|
| 231 |
- An IDOR lead joins any group makes me $2,500
|
| 232 |
- My first Bounty Worth $$$$
|
| 233 |
- The Ticket Hack: Free travel by hacking the Chennai Metro Rail.
|
| 234 |
- Bypass Two-Factor Authentication of Facebook Accounts ($25,300)
|
| 235 |
- How to expand your attack surface and avoid duplicates
|
| 236 |
- Compromised servers and downloaded source codes of a company
|
| 237 |
- I've made $500k+ from SSRF vulnerabilities.
|
| 238 |
- Privilege Escalation to Super Admin
|
| 239 |
- How i got more than 100 vulnerabilities in just one site?
|
| 240 |
- How a Shodan search led to Gold Mine
|
| 241 |
- Exploiting Wildcard for Privilege Escalation
|
| 242 |
- Stealing Login Credentials using HTTP Request Smuggling
|
| 243 |
- I was able to see all user information by manipulating parameters on the website.
|
| 244 |
- Leaking File Contents with a Blind File Oracle in Flarum
|
| 245 |
- Arbitrary account takeover vulnerability
|
| 246 |
- RCE on Application’s Tracking Admin Panel
|
| 247 |
- How I Got Free LinkedIn Premium Membership
|
| 248 |
- Uncovering Web Cache Deception: A Missed Vulnerability in the Most Unexpected Places
|
| 249 |
- A Comprehensive Approach for Testing for SQL Injection Vulnerabilities
|
| 250 |
- My debut with a Critical Bug: How I found my first bug (API misconfiguration)
|
| 251 |
- How I got $$$ from my First valid Bug
|
| 252 |
- How .js file helped me to find and Exploit AWS Access key and Secret
|
| 253 |
- HTTP Request Splitting vulnerabilities exploitation
|
| 254 |
- How do I search for Web Cache Deception?
|
| 255 |
- Unauthenticated Massive PII Leak
|
| 256 |
- Privilege Escalation: How I Earned $500 by Discovering the Ability to Delete Documents as a Student
|
| 257 |
- Mastering the Art of SQL Injection: A Comprehensive Guide
|
| 258 |
- How to find subdomain takeover using httpx + dig
|
| 259 |
- Exploiting Broken Access Control Vulnerability
|
| 260 |
- GraphQL APIs & Enumeration Basics
|
| 261 |
|
| 262 |
- OAuth Misconfiguration Leading to Unauthorized Admin Access For All Org Product
|
| 263 |
- How I Got 4 SQLI Vulnerabilities At One Target Manually Using The Repeater Tab
|
| 264 |
- Account takeover via misconfigured SSO [OIDC] implementation
|
| 265 |
- Getting RCE in Chrome with incorrect side effect in the JIT compiler
|
| 266 |
- RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
|
| 267 |
- Beyond Base64: The Vulnerability Leaving Millions of Calls Exposed
|
| 268 |
- Beyond Error Messages: Super Admin Deletion due to Broken Access Control (€€€)
|
| 269 |
- $1000 Bug using simple Graphql Introspection query
|
| 270 |
- $1,250 worth of Host Header Injection
|
| 271 |
- nOAuth: Account Takeover via Microsoft Oauth
|
| 272 |
- Bug Bounty Hunter — Captcha Bypass #Response-to-this-Request
|
| 273 |
- 403 Forbidden? No Problem, Here’s a POST XSS
|
| 274 |
- One Bug at a Time: Admin Panel Access I’m now an Employee!
|
| 275 |
- How to build custom scanners for web security research automation
|
| 276 |
|
| 277 |
- Privilege esclation allow user to delete pending invitation
|
| 278 |
- Using cloudflare to bypass cloudflare
|
| 279 |
|
| 280 |
- Multiple Organization Full account Take-over via privilege escalation
|
| 281 |
- $1120: ATO Bug in Twitter’s
|
| 282 |
- how to dig deep to found a tricky xss via 0auth redirect in blockchain platform and get $700
|
| 283 |
- Uncovering Security Vulnerabilities: A Deep Dive into an Eye-Opening Git Discovery
|
| 284 |
- Unauthorized Access to Admin Panel & SQL Injection
|
| 285 |
- CVE-2022-4908: SOP bypass in Chrome using Navigation API
|
| 286 |
- Here is how I Do my Recon fast automated bug bounty
|
| 287 |
- Sensitive Information Leak via Forgotten .DS_Store File on redacted.com
|
| 288 |
- Hunting for Hidden Treasures: Unveiling the 403 Bypass Bug Bounty Adventure
|
| 289 |
- How I Exposed Instagram's Private Posts by Blocking Users
|
| 290 |
- Delving into the Depths of NoSQL Injection: A Research Odyssey
|
| 291 |
- The single-packet attack: making remote race-conditions 'local'
|
| 292 |
- How I Discovered an Exposed API Access Token in a JavaScript File, Uncovering Sensitive Company’s Internal Data
|
| 293 |
- From user to admin gaining admin panel access
|
| 294 |
- Account Takeover via Business Logic
|
| 295 |
- Bypassing 2FA for Password Reset : By Request Manipulation 500$ Bug
|
| 296 |
- Full account takeover — Never give up
|
| 297 |
- Security Vulnerabilities in CasaOS
|
| 298 |
- A web cache deception chained to a CSRF, the recipe
|
| 299 |
- Business Logic Errors Can Be Your First Bug
|
| 300 |
- Akamai Bypass! Advanced XSS.
|
| 301 |
- Escalating debug mode in Django to RCE, SSRF, SQLi
|
| 302 |
- Compromising F5 BIG-IP With Request Smuggling
|
| 303 |
- DOM-based race condition: racing in the browser for fun
|
| 304 |
- IDOR - how to predict an identifier? Bug bounty case study
- How to hunt on restricted web applications protected behind a login page?
|
| 305 |
- Automating Boolean SQL Injection and Evading Filters
|
| 306 |
- Account Takeover via Weak OTP
|
| 307 |
- $7000 Bounty on a Single Web Application
- Blog Post: Bypassing an Admin Panel with SQL Injection
|
| 308 |
- How I was able to find BAC on the University website leading to result dumping?
- Graphql path traversal lead to disclosure of PII
- How Storing Credentials in the Source Code Can Lead to Account Takeover
- Uncovering a Vulnerability in Intercom Widget Chat Configuration
|
| 309 |
- My $750 Privilege Escalation Bug: How I Prevented Unauthorized Role Changes.
- How to exploit Self-Stored XSS Issues?
|
| 310 |
- Race Conditions with pipelining
|
| 311 |
- Discovering and Exploiting a XML External Entity (XXE) Vulnerability in a Public Bug Bounty Program
|
| 312 |
- Uncovering a Simple Web Cache Deception Vulnerability That Paid Off
- How can you effectively exploit Windows IIS targets?
|
| 313 |
- What types of DoS bugs will get you a bounty?
|
| 314 |
- Cloudflare Bypass leads to RXSS in Microsoft
- Mass hunting vulnerabilities with subdomain database feature of prettyrecon
|
| 315 |
- Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€
|
| 316 |
- 1200$ IDOR Flaw: Allow Attacker To Approve Project Time Tracking
- AI Quickly Exposes 2-Minute DOM XSS in JavaScript Translation
|
| 317 |
- The Art Of Zendesk Hijacking
- How I dropped a crit 0day XXE to full read SSRF in less than 6 hours.
|
| 318 |
- OwnCloud OAuth Token Steal leading to CRUD Filestore Access
|
| 319 |
- Idor That allowed me to get access to sensitive users files and share them
- HTTP is dead... Long live HTTP?!
|
| 320 |
- How I hacked Google’s bug tracking system itself for $15,600 in bounties
- Uncovering a crazy privilege escalation from Chrome extensions
|
| 321 |
- How to Generate Endless Attack Vectors on Web Applications
- Bug bounty tip for shopping site
- $1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof
|
| 322 |
- Unlocking Important Resources with Email Verification Bypass
- Takeover other user's accounts using Login with Facebook
|
| 323 |
- Okta for Red Teamers — Perimeter Edition
|
| 324 |
- Account Hijacking via Invite Flows
- Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundles
|
| 325 |
- Chaining CORS by Reflected XSS to Steal Sensitive Data
- My First IDOR - Hiding in the Header Request
- Where to hunt for XXE (XML External Entity)
|
| 326 |
- Everything about full-time bug bounty
|
| 327 |
- Mass Hunting XSS vulnerabilities
- Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harder
|
| 328 |
- Building a free Burp Collaborator with Cloudflare Workers
- How to tackle unpredictable IDs in IDOR or RBAC Issues?
|
| 329 |
- How I Made $$$ Using Open-Redirect
- First massive bug: Noise’s AWS Bucket Misconfiguration
|
| 330 |
- Critical misconfiguration in Firebase
- How i get my first Logic Bug and how to find them
|
| 331 |
- How to approach restricted bug bounty programs with a single site in scope?
|
| 332 |
- Navigating Risks: Vulnerability Stemming from a Third-Party Integration
- Unlocking GraphQL's Hidden Potential
|
| 333 |
- PII Disclosure Worth $750
- DoS via Password Strength Checker Function
|
| 334 |
- How to Spot CORS Misconfigurations?
|
| 335 |
- Race Condition - A cURL Chaos
|
| 336 |
- Where to find SSRF Issues?
|
| 337 |
- Business Logic Vulnerability: Payment bypass
- Tips for Approaching the Main App of a Program
|
| 338 |
- Hacking a Payment Processor
|
| 339 |
- PDF Upload Leading to Stored XSS
|
| 340 |
- How I Discovered SSRF on Hackerone Program
|
| 341 |
- Unraveling The Story of Multiple Admin Panel Compromises
|
| 342 |
- 3 Symfony (RCE): A Peek Behind the Curtain
|
| 343 |
- How to not implement payment features - Insights from Bugbounty
|
| 344 |
- Bypassing CSRF Protection Like a Pro
|
| 345 |
|
| 346 |
- Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?
|
| 347 |
- Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees for >3.5 years (or even 18 years?)
|
| 348 |
- One port can be a costly mistake Attack The Rsync Service in a Private Program
|
| 349 |
- Escalating DOM XSS to Stored XSS
|
| 350 |
- Subdomain Takeover in Azure Trafficmanager for Fun & Profit
|
| 351 |
- SSTI gave me T-Shirt + € 50
- XSSRF : The Matrimony of XSS and SSRF.
|
| 352 |
|
| 353 |
- This Is The Story Of Making Almost $50,000 In Bounties From Adobe's VIP Bug Bounty Program💰
|
| 354 |
- How I Found SQL Injection worth of $4,000 bounty
- The Ultimate Guide to Uncovering XSS Vulnerabilities at Scale
|
| 355 |
- CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin
|
| 356 |
- The ART of Chaining Vulnerabilities
|
| 357 |
- Privilege escalation and arbitrary page tampering in Cloudflare Pages
|
| 358 |
- How I Discovered an RCE Vulnerability in Tesla, Securing a $10,000 Bounty
|
| 359 |
- Account takeover vulnerability that resulted in $2500 bounty!
|
| 360 |
- The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitation
|
| 361 |
- How you can escalate XSS Issues to an Account Takeover
|
| 362 |
- Bug Bounty: The road to my first $1000 through hacking public websites
|
| 363 |
- How to Identify and exploit Akamai Cache Deception/Poisoning Issues?
|
| 364 |
- Sudomain Takeover via Shopify(Easy Bounty $$$$)
- New OWASP API Top 10 for Hackers
|
| 365 |
- 417$ Simple IDOR: Unauthorized Contact Details Modification
- From Google Dorking to Unauthorized AWS Account Access and Account Takeover
|
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent
